Hello,
If I understand correctly, you put:
your primary key to the OPENPGP.1 on card.
your subkey of SEA capability to the OPENPGP.2 on card.
your subkey of A capability to the OPENPGP.3 on card.
In this configuration, the OPENPGP.2 key on card is only for decryption.
On Fri, 1 Jun 2018 00:04, koo...@spacekookie.de said:
> ssb> rsa4096 2018-05-30 [SEA]
Remove the S capability from that key. gpg prefers a signing subkey
over the primary key but that happens to be an encryption key on the
card. You should also be able to specify the key as
signingkey =
> On 31 May 2018 at 21:12 Werner Koch wrote:
>
> You are signing with the second key of the token. This is an encryption
> key and thus not able to sign. If you do a "gpg -card-status" can you
> see an Signature key (In the log "OpenPGP.1")?
Hmmm...this is the output of gpg2 --card-status
On Thu, 31 May 2018 20:46, koo...@spacekookie.de said:
> 2018-05-31 20:27:42 scdaemon[17755] DBG: chan_7 <- PKSIGN --hash=sha256
> OPENPGP.2
> 2018-05-31 20:27:42 scdaemon[17755] operation sign result: Invalid ID
You are signing with the second key of the token. This is an encryption
key and
Hey there, thanks for the reply :)
> On 31 May 2018 at 19:41 Werner Koch wrote:
>
>
> On Thu, 31 May 2018 16:12, koo...@spacekookie.de said:
>
> > [GNUPG:] FAILURE sign 100663414
> > gpg: signing failed: Invalid ID
>
> $ gpg-error 100663414
> 100663414 = (6, 118) = (GPG_ERR_SOURCE_SCD,
On Thu, 31 May 2018 16:12, koo...@spacekookie.de said:
> [GNUPG:] FAILURE sign 100663414
> gpg: signing failed: Invalid ID
$ gpg-error 100663414
100663414 = (6, 118) = (GPG_ERR_SOURCE_SCD, GPG_ERR_INV_ID) = (SCD, Invalid ID)
This shows that the error originates from scdaemon. To look deeper
On 05/31/2018 10:12 AM, koo...@spacekookie.de wrote:
> Hey there,
>
> I have a yubikey 4 that contains my GPG key. I can use the `gpg2` tool to
> sign messages without problems. But when I try to do the same with git, it
> fails. The command that git runs internally is equivalent to this:
>
>
Hey there,
I have a yubikey 4 that contains my GPG key. I can use the `gpg2` tool to sign
messages without problems. But when I try to do the same with git, it fails.
The command that git runs internally is equivalent to this:
echo "This is a stream from git..." | gpg2 --status-fd=2 -bsau
On 05/30/2018 02:00 PM, Werner Koch wrote:
> On Wed, 30 May 2018 17:22, tookm...@gmail.com said:
>> GPGME has export and import functions that work well as alternatives to
>> "gpg --import" and "gpg --export". However, looking through the
>> documentation I cannot find an equivalent to "gpg
>>
